Hi Gary, On Wed, 23 Oct 2024 at 12:51, Gary D. Gregory <ggreg...@apache.org> wrote: > Releasing different jars from one repo is the same as releasing jars from one > SSD: A repo is just a folder with subfolders you can organize as you best see > fit. So why have 10 repos? Or how ever many we have now splintered Log4j > into? It's not like we document it. I bet devs put all Log4j repos in the > same folder anyway...
The JUL and SLF4J components have a different lifecycle from the rest of Log4j. Since everything that ends up in our source archive might as well be released as a binary artifact, we have two choices: * We can keep **identical** versions of those artifacts in both the `2.x` and `main` branches. Since, unlike the Tomcat team, we are not used to work on multiple branches, I doubt those modules will remain synchronized for long. * We can keep them in a separate repository with a different lifecycle. It is probably worth noting that Dependabot has a lot of problems with upgrading SLF4J, since we use two different versions in two different modules of the same repo. > Does STF funding work by getting paid on a per repo basis? Sigh. Since our STF funding has brought many misunderstandings inside the PMC, I will answer this obviously rhetorical question. We are paid by milestones[1] that we negotiated with the STF at the beginning of the contract. These milestones cover some very specific aspects of the development of Log4j and initially didn't contain **any** mention of `3.x`. For the past 13 months Christian, Volkan and I were contributing both some paid work (the commits strictly necessary to finish our milestones) and the usual volunteer work (like the usual bug fixes and answering user reports). To be clear, releasing 3.0.0 is not part of our paid duties. Piotr [1] https://github.com/apache/logging-log4j2/issues?q=is%3Aissue+label%3ASTF-Milestones
